VMware: Active Directory tips, tricks, and tweaks
Sometimes it can pay off to dig into that bag of tricks you’ve been accumulating from talking with colleagues in the IT profession. This recently happened to me when I was asked to give some advice concerning an issue an organization was having with replication in their Active Directory environment. In researching their problem, I came across a whole lot of other Active Directory tips and tweaks that I’d encountered during my meanderings across the tech landscape, and I thought it might be helpful to share some of these with readers who work with Active Directory. As usual, these tweaks are presented “as is” with no guarantee or warranty, so be sure to try them out in your test environment before making use of them in a production environment. And if you have any Active Directory tips, tricks, or tweaks of your own you’d like to pass on to readers, you can send them to me at [email protected] and I’ll either include them in a follow-up article on this topic or share them with the 400,000 readers of our popular WServerNews weekly newsletter.
Tip: Firewalling countries
One consultant I know was asked to provide some advice to an enterprise that had an Active Directory forest deployed across several countries, including one country (Country X) that they didn’t trust so much even though they had a branch office located there. The organization wanted to put some firewalls in place between the networks located in each country while still allowing Active Directory to function properly, with the idea that if the network in Country X was compromised, the damage could be contained and Active Directory in the remaining countries would remain unaffected. He asked me if I had any suggestions or recommendations on how to implement such a solution, and I said that I vaguely remembered reading something and would get back to him soon.
Anyway, as I searched for any resources that might help him, I came across the following Microsoft Knowledge Base (KB) article: How to configure a firewall for domains and trusts. Although this KB article focuses on Windows NT (yikes!), Windows 2000 Server (golly!) and Windows Server 2003, none of which are supported any longer by Microsoft, a quick look at the article’s footer shows that the article has been revised five times and is guaranteed as accurate up to Windows Server 2012. I would hazard a confident guess that it’s still valid for Windows Server 2016 as well.
Read the entire article here: Active Directory tips, tricks, and tweaks
Via the fine folks at VMware!